onepassword / onepassword.connect / 2.2.4 / module / generic_item Creates a customizable 1Password Item Authors: 1Password (@1Password)onepassword.connect.generic_item (2.2.4) — module
Install with ansible-galaxy collection install onepassword.connect:==2.2.4
collections: - name: onepassword.connect version: 2.2.4
Create or update an Item in a Vault.
Fully customizable using the Fields option.
B(NOTE) Any item fields without C(label) are removed when updating an existing item.
- name: Create an Item with no fields onepassword.connect.generic_item: title: Example Item state: present
- name: Create an item and generate its value if the item does not exist. onepassword.connect.generic_item: title: Club Membership state: present fields: - label: Secret Code field_type: concealed generate_value: on_create generator_recipe: length: 16 include_letters: true include_digits: true include_symbols: false section: Club Card Details register: op_item # Access item values through `op_item['data']` no_log: true # Hide the output - it will contain the secret value you just stored
- name: Update an item while preserving the generated Secret Code value onepassword.connect.generic_item: title: Club Membership state: present fields: - label: Secret Code field_type: concealed overwrite: false generate_value: never generator_recipe: # ignored because generate_value == never length: 16 include_letters: true include_digits: true include_symbols: false section: Club Card Details no_log: true
- name: Change an Item's Name and leave the generated Secret Code value unchanged onepassword.connect.generic_item: title: Guild Membership Details uuid: 3igj89sdf9ssdf89g state: present fields: - label: Secret Code field_type: concealed overwrite: false generate_value: on_create generator_recipe: # ignored because generate_value == never length: 16 include_letters: true include_digits: true include_symbols: false section: Club Card Details no_log: true
- name: Delete an Item by its Item UUID onepassword.connect.generic_item: uuid: 3igj89sdf9ssdf89g state: absent no_log: true
- name: Delete an Item by its name onepassword.connect.generic_item: title: Club Membership state: absent no_log: true
name: aliases: - title description: - Name of the Item - If C(state) is C(present) and c(uuid) is defined, the given value will overwrite previous Item name - If C(state) is C(present) and c(uuid) is NOT defined, the module will try to find an item with the same name. If an item cannot be found, a new item with the given name is created and the old item is not deleted. type: str tags: description: - Collection of tags applied to the 1Password Item. elements: str type: list urls: description: - Store one or more URLs on an item - URLs are clickable in the 1Password UI elements: str type: list uuid: description: - Unique ID for a single Item. - Ignored if C(state) is C(present) and the item doesn't exist. - If C(state) is C(present) and C(uuid) is NOT defined, the module will try to find an item using C(name). If an item cannot be found, a new item is created with the C(name) value and the old item is not changed. type: str state: choices: - present - absent default: present description: - I(present) will try to find the item using its vault ID and provided C(name) or C(UUID). If the item with a matching name or UUID is not found, the item is created. - To change the C(name) of an item, a C(uuid) MUST be provided. See C(name) for additional details. - I(absent) will delete the item if it exists. No change are made if the item is not found. type: str token: description: - The token to authenticate 1Password Connect calls. - Ansible should never log or display this value. type: str fields: description: List of fields associated with the Item elements: dict suboptions: field_type: aliases: - type choices: - string - email - concealed - url - otp - date - month_year default: string description: - Sets expected value type for the field. - 'If C(generic_item.category) is C(login) or C(password), the field with type C(concealed) and named C(password) becomes the item''s primary password. ' type: str generate_value: choices: - always - on_create - never default: never description: - Generate a new value for the field using the C(generator_recipe). - Overrides C(value) if I(generate_value=on_create) and field does not exist or if I(generate_value=always). - I(generate_value=never) will use the data in C(value). - I(generate_value=always) will assign a new value to this field every time Ansible runs the module. - I(generate_value=on_create) will generate a new value and ignore C(value) if the field does not exist. If the field does exist, the module will use the previously generated value and ignore the C(value). - The module searches for field by using a case-insensitive match for the C(label) within the field's C(section). type: str generator_recipe: description: - Configures 1Password's Secure Password Generator - If C(generate_value) is 'never', these options have no effect. suboptions: include_digits: default: true description: - Toggle whether generated password includes digits (0-9) type: bool include_letters: default: true description: - Toggle whether generated password includes ASCII characters (a-zA-Z) type: bool include_symbols: default: true description: - Toggle whether generated password includes ASCII symbol characters type: bool length: default: 32 description: - Defines number of characters in generated password type: int type: dict label: description: The name of the field required: true type: str section: description: - Places the field into a named group. If section does not exist, it is created. - If two or more fields belong to the same C(section), they are grouped together under that section. type: str value: description: Sets the value of the field. type: str type: list category: choices: - login - password - server - database - api_credential - software_license - secure_note - wireless_router - bank_account - email_account - credit_card - membership - passport - outdoor_license - driver_license - identity - reward_program - social_security_number default: api_credential description: - 'Applies the selected category template to the item. Other 1Password clients use category templates to help organize fields when rendering an item. ' - 'The category cannot be changed after creating an item. To change the category, recreate the item with the new category ' - 'If the category is C(login) or C(password) and the item has a field named C(password), that field will be the primary password when the item is displayed in 1Password clients. ' - 'If the category is C(login) and the item has a field named C(username), that field becomes the primary username when the item is displayed in 1Password clients. ' type: str favorite: default: false description: Toggles the 'favorite' attribute for an Item type: bool hostname: description: - URL of 1Password Connect. type: str vault_id: description: - ID of the 1Password vault that will be accessed. - Uses environment variable C(OP_VAULT_ID) if not explicitly defined in the playbook. required: true type: str
msg: description: Information returned when an error occurs. returned: failure sample: Invalid Vault ID type: str op_item: contains: category: description: The Item template used when creating or modifying the item returned: success sample: LOGIN type: str created_at: description: Timestamp that reports when the Item was originally created returned: success sample: '2020-11-23T15:29:07.312397-08:00' type: str fields: description: Lists all defined fields for the Item. The key for each field is the field's label. returned: success sample: ExampleField: id: 123example label: Test type: STRING value: exampleValue type: dict id: description: Unique ID for the Item. returned: success sample: bactwEXAMPLEpxhpjxymh7yy type: str tags: description: All unique tag values associated with the item elements: str returned: success sample: - tag1 - tag2 type: list title: description: User-provided name for the Item. Displayed in 1Password clients. returned: success sample: My Test Item type: str updated_at: description: Timestamp that reports when the Item was last modified. returned: success sample: '2020-11-23T15:29:07.312397-08:00' type: str vault: description: Information about the Vault containing this Item. returned: success sample: - id: abc1234EXAMPLEvault5678 type: dict description: 'Dictionary containing Item properties or an empty dictionary if I(state=absent). See 1Password Connect API for complete structure. ' returned: always type: complex